Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8be1f1-1033-4772-b2f1-28491036231b/1/DjH2bHS903zyMo6RRsq8YwAB_ic.roa
File: DjH2bHS903zyMo6RRsq8YwAB_ic.roa (raw, json)
Hash identifier: Sjo6kpTKp3bTsuZq2kt8E0mVH0KWdCyHQD3mLkh0NKw=
Subject key identifier: 0E:31:F6:6C:74:BD:D3:7C:F2:32:8E:91:46:CA:BC:63:00:01:FE:27
Certificate issuer: /CN=2564be81ecbc14d874027bf23b9dec3f7f2080eb
Certificate serial: 0188299C120A618C742FDDE49EFDEA8FDC8D
Authority key identifier: 25:64:BE:81:EC:BC:14:D8:74:02:7B:F2:3B:9D:EC:3F:7F:20:80:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JWS-gey8FNh0AnvyO53sP38ggOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8be1f1-1033-4772-b2f1-28491036231b/1/DjH2bHS903zyMo6RRsq8YwAB_ic.roa
Signing time: Wed 17 May 2023 12:07:54 +0000
ROA not before: Wed 17 May 2023 12:07:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205134
IP address blocks: 91.216.171.0/25 maxlen: 25
91.216.171.128/25 maxlen: 25
2a12:d9c0:1::/48 maxlen: 48
2a12:d9c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:9c:12:0a:61:8c:74:2f:dd:e4:9e:fd:ea:8f:dc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2564be81ecbc14d874027bf23b9dec3f7f2080eb
Validity
Not Before: May 17 12:07:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e31f66c74bdd37cf2328e9146cabc630001fe27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:08:50:c1:b0:12:46:35:f5:be:ec:42:b7:fb:
25:be:99:10:c1:ae:dc:56:cf:53:06:ec:1f:6e:4d:
a1:a4:2d:0c:96:f3:8e:7d:cc:5d:b6:4f:ad:9b:e7:
7b:67:88:88:85:3a:d6:68:b6:a8:79:a4:db:64:a3:
e8:e4:a6:5e:10:f4:0c:77:a2:2c:6f:46:7c:4b:de:
ca:49:4d:1b:13:5e:b6:94:91:d8:ae:0c:de:4f:dc:
68:93:16:e2:e1:e9:89:3c:23:80:6e:ca:51:c7:d6:
97:73:53:d1:fd:71:83:1e:48:e0:4e:7f:9c:8a:04:
22:fc:f0:ab:bd:8b:a8:9b:ca:5a:a2:e5:28:c3:15:
df:8a:48:e2:fb:3c:2d:32:36:a2:70:1e:e2:7e:b4:
23:17:cb:de:c3:bc:1d:1d:19:94:74:4a:ff:5d:9b:
36:8b:77:e8:ed:9b:91:ee:24:46:34:8d:bb:01:45:
74:29:ef:46:74:33:b4:70:67:06:d7:7e:6b:99:55:
7c:22:87:32:97:8c:50:d7:6c:ee:8c:ad:62:3b:59:
19:2e:36:16:b3:40:2f:f0:22:2e:31:ac:7e:d5:87:
cf:a2:71:82:fb:71:f2:b5:eb:1c:1c:3a:82:81:ad:
7c:ae:ef:e9:c6:63:a5:11:95:5c:93:6a:26:3b:e4:
68:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:31:F6:6C:74:BD:D3:7C:F2:32:8E:91:46:CA:BC:63:00:01:FE:27
X509v3 Authority Key Identifier:
keyid:25:64:BE:81:EC:BC:14:D8:74:02:7B:F2:3B:9D:EC:3F:7F:20:80:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JWS-gey8FNh0AnvyO53sP38ggOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8be1f1-1033-4772-b2f1-28491036231b/1/DjH2bHS903zyMo6RRsq8YwAB_ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8be1f1-1033-4772-b2f1-28491036231b/1/JWS-gey8FNh0AnvyO53sP38ggOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.171.0/24
IPv6:
2a12:d9c0:1::-2a12:d9c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
73:e6:59:c7:d9:96:dd:6e:59:63:b7:91:52:a4:4c:cd:d6:a6:
f8:46:7c:5f:56:46:46:27:b6:21:b0:44:5f:6a:0d:37:c4:a3:
cb:95:f7:14:9d:fd:55:a9:5f:4e:0d:5a:d4:7d:59:93:1f:d7:
70:f1:a7:f3:27:7f:1b:ff:6a:27:cb:1c:bc:a3:3f:5a:84:f4:
ce:34:cd:85:be:77:c0:65:9e:d9:7d:23:de:9a:5d:35:32:6b:
84:17:91:09:d7:d7:95:4e:76:d5:5a:c4:d0:56:6e:8b:79:d5:
db:d5:be:45:31:bb:42:30:a1:fe:80:b7:6f:bb:fe:5a:29:03:
14:03:0b:77:75:3e:fe:77:40:40:d5:ac:73:f9:31:ae:52:55:
df:cc:ce:f6:cb:b4:ef:de:06:af:b2:b2:a8:63:96:b8:0a:63:
72:02:74:cb:e9:d4:53:62:d3:7b:0b:42:e1:39:be:16:16:4d:
8a:07:35:69:fe:da:2e:df:fe:88:28:24:62:77:6a:0e:a7:60:
ef:d5:16:0d:59:5f:be:91:f2:6e:9a:4c:e4:67:c5:98:b6:f1:
2b:fe:31:73:c6:c4:84:a5:89:ef:8f:58:7e:90:7a:f7:67:f4:
6c:c1:c2:5d:9e:67:cb:93:3e:c0:6a:25:44:29:2e:d2:81:a0:
f1:33:6d:c0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYgpnBIKYYx0L93knv3qj9yNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NjRiZTgxZWNiYzE0ZDg3NDAyN2JmMjNiOWRlYzNmN2Yy
MDgwZWIwHhcNMjMwNTE3MTIwNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTMxZjY2Yzc0YmRkMzdjZjIzMjhlOTE0NmNhYmM2MzAwMDFmZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAhQwbASRjX1vuxCt/slvpkQwa7c
Vs9TBuwfbk2hpC0MlvOOfcxdtk+tm+d7Z4iIhTrWaLaoeaTbZKPo5KZeEPQMd6Is
b0Z8S97KSU0bE162lJHYrgzeT9xokxbi4emJPCOAbspRx9aXc1PR/XGDHkjgTn+c
igQi/PCrvYuom8paouUowxXfikji+zwtMjaicB7ifrQjF8vew7wdHRmUdEr/XZs2
i3fo7ZuR7iRGNI27AUV0Ke9GdDO0cGcG135rmVV8Iocyl4xQ12zujK1iO1kZLjYW
s0Av8CIuMax+1YfPonGC+3HytescHDqCga18ru/pxmOlEZVck2omO+RoewIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA4x9mx0vdN88jKOkUbKvGMAAf4nMB8GA1UdIwQY
MBaAFCVkvoHsvBTYdAJ78jud7D9/IIDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSldTLWdleThGTmgwQW52eU81M3NQMzhnZ09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84YmUxZjEtMTAzMy00NzcyLWIyZjEt
Mjg0OTEwMzYyMzFiLzEvRGpIMmJIUzkwM3p5TW82UlJzcThZd0FCX2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84YmUxZjEtMTAzMy00NzcyLWIyZjEtMjg0OTEwMzYyMzFi
LzEvSldTLWdleThGTmgwQW52eU81M3NQMzhnZ09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAW9irMBoE
AgACMBQwEgMHACoS2cAAAQMHACoS2cAAAjANBgkqhkiG9w0BAQsFAAOCAQEAc+ZZ
x9mW3W5ZY7eRUqRMzdam+EZ8X1ZGRie2IbBEX2oNN8Sjy5X3FJ39ValfTg1a1H1Z
kx/XcPGn8yd/G/9qJ8scvKM/WoT0zjTNhb53wGWe2X0j3ppdNTJrhBeRCdfXlU52
1VrE0FZui3nV29W+RTG7QjCh/oC3b7v+WikDFAMLd3U+/ndAQNWsc/kxrlJV38zO
9su0794Gr7KyqGOWuApjcgJ0y+nUU2LTewtC4Tm+FhZNigc1af7aLt/+iCgkYndq
Dqdg79UWDVlfvpHybppM5GfFmLbxK/4xc8bEhKWJ749YfpB692f0bMHCXZ5ny5M+
wGolRCku0oGg8TNtwA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:47 2025 by rpki-client